Thanksgiving Black Friday Day and Cyber Monday

Thanksgiving Day is upon us this week and Black Friday/Cyber Monday is right around the corner-your purchasing season begins. Nowadays, Black Friday is no only about traditional in-store purchasing, but also it's about surfing online in cozy couch while watching TV; it's about picking and comparing products while checking others' reviews and get them the second day at your front door; it's even about waiting for the deals and discount when you are playing games, pasting your pictures online with your mobile devices. However convenience always comes with risks: SPAM Emails lurk; new Ransomware emerge out-of-the-blue; Exploit Kits, and Phishing websites are ready with their traps. So, how do you fulfill your shopping list in the happy holiday season without being bothered? Let's run through some of the typical threats facing online shopping in the coming weeks.

Online Shopping

SonicWALL has investigated multiple popular online shopping websites including Amazon, eBay etc. The following is a typical Amazon webpages browsing pattern around Thanksgiving week in 2015. The high-lighted days are Black Friday and Cyber Monday.

This graph shows how there is a slight decrease in Amazon Browsing traffic on Thanksgiving Day (11/26/2015) and Black Friday (11/27/2015) compared with the pattern from the previous weeks. The graph also shows the large increase in Amazon traffic on Cyber Monday (11/30/2015) and during the following work days. SonicWALL devices are mostly protecting small- and medium-sized organizations. For this reason the traffic during the holidays are usually lower compared to traffic during the same days in regular weeks. It shows that a lot of people are busy with family related activities during the Thanksgiving holiday. The spike right after the Thanksgiving weekend definitely shows a strong signal of purchasing/browsing of online stores during the week of Cyber Monday.

SPAM Email Threat

At the same time SPAM Email related to Thanksgiving and Black Friday during the Thanksgiving week we collected from previous years (2013, 2014 and 2015) shows a steady growth during the week. The SPAM emails have a common theme of trying to lure consumers to click on the links and provide their personal information in exchange for access to special offers and deep discounts. Typical subjects of SPAM emails can be seen below. You can find more examples from the previous SonicAlerts (listed above).

POS malware has been observed for Black Friday in previous years. However, we believe that POS malware is on the decline, as retailers are increasingly aware of this threat, although it is still happening, for example Wendy's data breach. We have not seen as many large-scale breaches attributed to POS malware compared to those seen in previous years, for example the Target, and Home Depot data breaches. Also, a lot of the retailers have improved their security measures, for example, by using chip-based credit card readers, which help mitigate the POS threat. In our opinion, POS will not be a major threat during this Thanksgiving week.

Fake Deal Apps

Fake branded mobile apps--most of them on Android--falsely advertise access to early Black Friday and Cyber Monday deals. Fake Deal Apps have been observed in the past to lure victims with the promise of discounts. The real motivation for these apps are to steal personally identifiable information (PII) from the phones. Although not as common as SPAM, we believe this threat is on the increase, and new fake android apps will surface for Black Friday/Cyber Monday week in 2016 as well.

Ransomeware and EK

Ransomware are popular this year, but we haven't observed popular Ransomware attacks based on Black Friday in the past. Exploit Kits are decreasing this year after the most popular Angler was brought offline. They will not have big campaign in the Thanksgiving holiday.

Shopping Suggestions

Based on our observations and the predictions above, we suggest you follow the basic rules below when you shop online:

Keep your browsers / operation system up to date

Use SSL secured sites for shopping

Be cautious about the fake websites and the suspicious advertisements on the webpages

Do not open the links or attachments from unknown or suspicious Emails

Be careful with the links when they are shortened like bit.ly, goo.gl

Use different password when you have multiple online accounts

Pay by credit card for the extra protection from banks

Do not install suspicious apps from link in the Emails or messaging apps like WhatsApp